Monodic Temporal Resolution 



Anatoly Degtyarev 1 , Michael Fisher 2 , and Boris Konev 2 * 

1 Department of Computer Science, King's College, Strand, London WC2R 2LS, U.K. 

anatoli@dcs.kcl.ac.uk 

2 Department of Computer Science, University of Liverpool, Liverpool L69 7ZF, U.K. 

{M . Fisher , B . Konev}@csc . liv . ac . uk 



Abstract. Until recently, First-Order Temporal Logic (FOTL) has been little un- 
derstood. While it is well known that the full logic has no finite axiomatisation, 
a more detailed analysis of fragments of the logic was not previously available. 
However, a breakthrough by Hodkinson et.al., identifying a finitely axiomatis- 
able fragment, termed the monodic fragment, has led to improved understanding 
of FOTL. Yet, in order to utilise these theoretical advances, it is important to have 
appropriate proof techniques for the monodic fragment. 

In this paper, we modify and extend the clausal temporal resolution technique, 
originally developed for propositional temporal logics, to enable its use in such 
monodic fragments. We develop a specific normal form for formulae in FOTL, 
and provide a complete resolution calculus for formulae in this form. Not only 
is this clausal resolution technique useful as a practical proof technique for cer- 
tain monodic classes, but the use of this approach provides us with increased 
understanding of the monodic fragment. In particular, we here show how several 
features of monodic FOTL are established as corollaries of the completeness re- 
sult for the clausal temporal resolution method. These include definitions of new 
decidable monodic classes, simplification of existing monodic classes by reduc- 
tions, and completeness of clausal temporal resolution in the case of monodic 
logics with expanding domains, a case with much significance in both theory and 
practice. 

1 Introduction 

Temporal Logic has achieved a significant role in Computer Science, in particular, 
within the formal specification and verification of concurrent and distributed sys- 
tems [27,24, 19]. While First-Order Temporal Logic (FOTL) is a very powerful and 
expressive formalism in which the specification of many algorithms, protocols and com- 
putational systems can be given at the natural level of abstraction, most of the temporal 
logics used remain essentially propositional. The reason for this is that it is easy to show 
that FOTL is, in general, incomplete (that is, not recursively-enumerable [28]). In fact, 
until recently, it has been difficult to find any non-trivial fragment of FOTL that has 
reasonable properties. A breakthrough by Hodkinson et. al. [18] showed that monodic 
fragments of FOTL could be complete, even decidable. (In spite of this, the addition 
of equality or function symbols can again lead to the loss of recursively enumerability 
from these monodic fragments [32,7].) 
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Following the definition of the monodic fragment, work analysing and extending 
this fragment has continued rapidly, and holds great promise for increasing the power 
of logic -based formal methods. However, until recently, there were no proof techniques 
for monodic fragments of FOTLs. Although a tableaux based approach was proposed 
in [23], we here provide a complete resolution calculus for monodic FOTL, based on our 
work on clausal temporal resolution over a number of years [10, 13, 3, 4, 6]. The clausal 
resolution technique has been shown to be one of the most effective proof techniques for 
propositional temporal logics [20], and we have every reason to believe that it will be as 
least as successful in the case of FOTL; this paper provides the key formal background 
for this approach. 

The structure of the paper is as follows. After a brief introduction to FOTL (Sec- 
tion 2), we define a normal form that will be used as the basis of the resolution technique 
and show that any monodic temporal problem can be transformed into the normal form 
(Section 3). In Section 4 we present the temporal resolution calculus and, in Section 5, 
we provide detailed completeness results. 

In Sections 6 and 7, we adapt the resolution technique to a number of variations of 
monodic FOTL, whose completeness follows from the corresponding adaptation of the 
completeness results given in Section 5. Thus, in Section 6, we provide an extension of 
the monodic fragment (as defined in [18]) and, in Section 7, we restrict first-order quan- 
tification in a number of ways to provide sub-classes which admit simplified clausal 
resolution techniques. 

In the penultimate part of the paper, we examine results relating to the practical use 
of the clausal resolution calculus. The first such aspect concerns decidability, which we 
consider in Section 8. An appropriate loop search algorithm is required for implemen- 
tation of the clausal resolution technique, and the definition and completeness of such 
an algorithm is examined in Section 9. In order to develop a practical clausal resolution 
system, as well as examining a fragment with important applications and a simplified 
normal form, we present results relating to resolution over the monodic fragment with 
expanding domains in Section 10. This provides the basis for the system currently being 
implemented [22]. 

Finally, in Section 1 1, we present conclusions and outline our future work. 

2 First-Order Temporal Logic 

First-Order (linear time) Temporal Logic, FOTL, is an extension of classical first-order 
logic with operators that deal with a linear and discrete model of time (isomorphic to N, 
and the most commonly used model of time). The first-order temporal language is con- 
structed in a standard way [12, 18] from: predicate symbols P , Pi, . . . each of which 
is of some fixed arity (null-ary predicate symbols are called propositions); individual 
variables xo, X\, . . . ; individual constants Co, Ci, . . . ; Boolean operators A, -i, V, 
= true ('true'), false ('false'); quantifiers V and 3; together with temporal operators 
□ ('always in the future'), ('sometime in the future'), O ('at the next moment'), U 
(until), and W (weak until). There are no function symbols or equality in this FOTL 
language, but it does contain constants. For a given formula, <j>, const(^) denotes the 
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set of constants occurring in <fi. We write cf>(x) to indicate that <p(x) has at most one free 
variable x (if not explicitly stated otherwise). 

Formulae in FOTL are interpreted in first-order temporal structures of the form 
971 = (D, I), where D is a non-empty set, the domain of 971, and / is a function asso- 
ciating with every moment of time, n € N, an interpretation of predicate and constant 
symbols over D. We require that the interpretation of constants is rigid. Thus, for every 
constant c and all moments of time i, j > 0, we have Ii(c) = Ij(c). The interpretation 
of predicate symbols is flexible. 

A (variable) assignment a over I? is a function from the set of individual variables 
to D. For every moment of time, n, there is a corresponding^zraf-orafer structure 97t„ = 
(D, I n ), where /„ = I(n). Intuitively, FOTL formulae are interpreted in sequences of 
worlds, 97to, 97Ti , . . . with truth values in different worlds being connected by means of 
temporal operators. 

The truth relation 97t„ |= a (p in a structure 971, for an assignment o, is defined 
inductively in the usual way under the following understanding of temporal operators: 

97l„h a O0 iff 97t n+1 h° 0; 

1=° 0</> iff there exists m> n such that 97l m |= a <p; 
QKn h° U4> iff for all m > n, 97t m p 4>; 
97t„ ^ a (</>UV>) iff there exists m > n, such that 97l m |= a tp, 

and for all i £ N, n < i < m implies 97t m |= a 0; 
97l„ h a (<W) iff Tl n h° (<^U^) or Tl n h° □</>• 

971 is a model for a formula (or (f> is frae in 971) if there exists an assignment a such 
that 97l \= a (p. A formula is satisfiable if it has a model. A formula is valid if it is true 
in any temporal structure under any assignment. 

This logic is complex. It is known that even "small" fragments of FOTL, such as 
the two-variable monadic fragment (all predicates are unary), are not recursively enu- 
merable [25, 18]. However, the set of valid monodic formulae is known to be finitely 
axiomatisable [32]. 

Definition 1 (Monodic Formula). An FOTL-formula (j) is called monodic if any sub- 
formulae of the form Tip, where T is one of O, □, 0, contains at most one free 
variable. 

The addition of either equality or function symbols to the monodic fragment leads to the 
loss of recursive enumerability [32]. Moreover, it was proved in [7] that the two vari- 
able monadic monodic fragment with equality is not recursively enumerable. However, 
in [17] it was shown that the guarded monodic fragment with equality is decidable. 



3 Divided Separated Normal Form (DSNF) 

As in the case of classical resolution, our method works on temporal formulae trans- 
formed into a normal form. The normal form we use follows the spirit of Separated 
Normal Form (SNF) [10, 13] and First-Order Separated Normal Form (SNF/) [11, 12], 
but is refined even further. 
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The development of SNF/SNF/ was partially devised in order to saparate past, 
present and future time temporal formula (inspired by Gabbay's separation result [14]). 
Thus, formulae in SNF/SNF / comprise implications with present-time formulae on the 
left-hand side and (present or) future formulae on the right-hand side. The transforma- 
tion of temporal formulae into separated form is based upon the well-known renaming 
technique [29,26], which preserves satisfiability and admits the extension to temporal 
logic in (Renaming Theorems [12]). 

Another aim with SNF/SNF / was to reduce the variety of temporal operators used 
to a simple core set. To this end, the transformation to SNF/SNF / involves the removal 
of temporal operators represented as maximal fixpoints, that is, □ and W (Maximal 
Fixpoint Removal Theorems [12]). Note that the U operator can be represented as a 
combination of operators based upon maximal fixpoints and the operator (which is 
retained within SNF/SNF/). This transformation is based upon the simulation of fix- 
points using QPTL [30]. 

In the first-order context, we now add one further aim, namely to divide the temporal 
part of a formula and its (classical) first-order part in such way that the temporal part is 
as simple as possible. The modified normal form is called Divided Separated Normal 
Form or DSNF for short. 

Definition 2 (Temporal Step Clauses). A temporal step clause is a formula either of 
the form I Qm, where I and m are propositional literals, or (L(x) =^> OM(x)), 
where L(x) and M{x) are unary literals. We call a clause of the the first type an (orig- 
inal) ground step clause, and of the second type an (original) non-ground step clause 3 . 

Definition 3 (DSNF). A monodic temporal problem in Divided Separated Normal 
Form (DSNF) is a quadruple (<U,I, S, £), where 

1. the universal part, U, is a finite set of arbitrary closed first-order formulae; 

2. the initial part, X, is, again, a finite set of arbitrary closed first-order formulae; 

3. the step part, S, is a finite set of original (ground and non-ground) temporal step 
clauses; and 

4. the eventuality part, £, is a finite set of eventuality clauses of the form (}L(x) (a 
non-ground eventuality clause) and ()l (a ground eventuality clause), where I is a 
propositional literal and L(x) is a unary non-ground literal. 

Note that, in a monodic temporal problem, we disallow two different temporal step 
clauses with the same left-hand sides. This requirement can be easily guaranteed by 
renaming. 

In what follows, we will not distinguish between a finite set of formulae X and the 
conjunction /\ X of formulae within the set. With each monodic temporal problem, we 
associate the formula 

IADMA QVxS A nVx£ . 

Now, when we talk about particular properties of a temporal problem (e.g., satisfiability, 
validity, logical consequences etc) we mean properties of the associated formula. 

3 We could also allow arbitrary Boolean combinations of propositional and unary literals in the 
right hand side of ground and non-ground step clauses, respectively, and all results of this 
paper would hold. We restrict ourselves with literals for simplicity of the presentation. 
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Arbitrary monodic first-order temporal formula can be transformed into a 
satisfiability-equivalent unconditional eventuality monodic temporal problem. We 
present the transformation as a two stage reduction. 

Reduction to conditional DSNF. We first give a reduction from monodic FOTL to a 
normal form where, in addition to the parts above, conditional eventuality clauses of 
the form 

P(x) => 0L(x) and p=>()l 

are allowed. The reduction is based on using a renaming technique to substitute non- 
atomic subformulae and replacing temporal operators by their fixed point definitions 
described e.g. in [13]. The translation can be described as a number of steps. 

1 . Translate a given monodic formula to negation normal form. (To assist understand- 
ing of the translation, we list here some equivalent FOTL formulae.) 

Vx(-O0(x) =0-^(a;)); 
Vz^D^r) =<W(x)); 

Vx(^((j)(x)XJiP(x)) = -^(x)W(-Kf>(x) A ^(jc)))); 
VxH</.(x)W?/>(x)) = -iip(x)\J(-xj)(x) A ip(x))). 

2. Recursively rename innermost temporal subformulae, Ocj)(x), ()<j)(x), 
(f>(x)l]ip(x), (f>(x)Wip(x) by a new unary predicate P(x). Renaming introduces 
formulae defining P(x) of the following form: 

(a) Uix{P{x) => 0<t>(x)); 

(b) \JVx(P(x) 0<f>(x)); 

(c) DVx(P(x) U<f>{x)); 

(d) nVx(P(x) (f>{x)\Ji>{x)) 

(e) □ Vx(P(x) cp(x)Wtp(x)). 

Formulae of the form (a) and (b) are in the normal form 4 , formulae of the form 
(c) and (d) require extra reduction by removing the temporal operators using their 
fixed point definitions; formulae of the last kind can be reduced by the semantics 
of the W operator. 

3. Use fixed point definitions 

□ Vx(P(x) => □</>(£)) is satisfiability equivalent to 

□ Vx(P(x) => R(x)) 
ADVx(i?(x) => OR(x)) 
A\JVx(R(x) => <j)(x)), 

4 Possibly, after (first-order) renaming the complex expression <f>(x); the formulae introduced 
by renaming are put in the universal part. This kind of first-order renaming is used implicitly 
further in this section. 
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and nVx(P(x) => ((fi(x)XJip(x))) is equivalent (w.r.t. satisfiability) to 

□ Vx(P(x) O^(ic)) 
ADVa;(P(x) ^(i)V^)) 
ADVa;(P(a;) S(a;)V^)) 
A □Va;(5(x) O V V>(*))) 
A □Vz(S(z) O V V(a;))), 

where and S(x) are new unary predicates. 

Conditional problems to unconditional problems. In the second stage, we replace any 
formula □Vx(P(x) => 0£(x)) by 

□Vx(((P(x) A -.L(x)) waitforL(x))) (1) 
□Vx((w<wi/or£(x) A 0->i(ar)) => O waitforL(x)) (2) 
□Vx(0^w<wtfor£(x)) (3) 

where waitforL(x) is a new unary predicate. 

Lemma 1. <P U { □ Vx(P(x) =>■ 0L(x))} is satisfiable if, and only if, $ U 
{(1), (2), (3)} is satisfiable. 

Proof (=>) Let 971 be a model of <?> U { nVx(P(x) 0£(x))}. Let us extend this 
model by a new predicate waitforL such that, in the extended model, 971', formulae (1), 
(2), and (3) would be true. 

Let d be an arbitrary element of the domain D. We define the truth value of 
waitforL(d) in n-th moment, n G N, depending on whether 971 |= OCP(c() or 

- Assume 971 |= DOP(d). Together with 971 |= DVx(P(x) 0L(x)), this im- 
plies that m \= DOL(d). 

For every n G N let us put 

97i; h ->waitforL(d) & Wl' n \= L(d) 97t„ |= L(d)). 

- Assume 971 |= O^P(d). There are two possibilities: 

• OR \= □ -iP(d). In this case let us put 9Jl' n |= -^waitforL(d) for all n G N. 

• There exists m G N such that 97t m |= P(d) and, for all n > m, 97t„ |= ->P(d). 
These conditions imply, in particular, that there is I > m such that 971/ |= L(d) 
if the formula is satisfiable. Now we define waitforL(d) in 971' as follows: 

97i; |= -nwaitforL{d) & Tt' n \= L(d) if < n < I, 
9Jl' n \= ->waitforL(d) if n > I. 

It is easy to see that 971' is the required model. 

(<=) Let us show that □Vx(P(x) => (}L(x)) is a logical consequence of <P U 
{(1),(2),(3)}. 
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Let 97t' be a model of <2> U {(1), (2), (3)}. By contradiction, suppose 97t' ty= 
\JVx(P(x) => <>L(x)), that is, 971' \= 03x(P(x) A Ehi(x)). Let m e N be 
an index and e e D m be a domain element such that Tl' m \= P(e) and for all 
n > m, Wl' n \= -iL(e)). Then from (1) and (2) we conclude that for all n > m, 
we have 97t^ |= waitforL(e)). However, this conclusion contradicts the formula 
\Z\Vx()^waitforL(x) which is true in 971'. □ 

This concludes to the following theorem. 

Theorem 1 (Transformation). Every monodic first-order temporal formula can be re- 
duced, in a satisfiability equivalence preserving way, to DSNF with at most a linear 
increase in size of the problem. 

Example 1. Let us consider the temporal formula 3x □OVj/VzBu <P(x, y, z, u) where 
<&(x, y, z, u) does not contain temporal operators and reduce it to DSNF. First, we re- 
name the inmost temporal subformula by a new predicate, 

3a; □ Pi (a;) A DVx[Pi(x) <)\/y\/z3u$(x,y,z,u)}. 

Now, we rename the first ' □' -formula and the subformula under the '0' operator, 

3xP 3 (x) A □Vx[Pi(ar)=>0ft(a;)] 

A □Vx[P 2 (a;)^VyVz3u^(x,?/,z,u)] 
A nVx[Pb(x)=>DPi{x)], 

"unwind" the ' □ ' operator 

3xP 3 (x) A UVx[Pi(x) 0P 2 (a;)] 

A n\Vx[P 2 (x) => MyVz3u<!>{x,y, z,u)] 

A nVx[Pb(x) => Pa{x)] 

A UVx[P A {x) => OPi(x)} 

A nVx[P 4 (x) ^Pi{x)}, 

and, finally, reduce the conditional eventuality to an unconditional one. 

3xP 3 (x) A nVx[P 2 {x) ^Vyiz3u<P(x,y,z,u)] 
A □Vx[P 3 (a;) ^P 4 (x)] 
A n*x[Pi(x) OPa{x)) 
A \JVx[P 4 (x) ^Pi(x)} 
A nVa:[(Pi(a;) A -nP 2 (a:)) waitforP 2 {x)] 
A ENx[(waitforP 2 (x) A O^P 2 (x)) => OwaitforP 2 (x)] 
A \Z\\/x§-iwaitforP2{x). 

The parts of this formula form the following monodic temporal problem (we also re- 
name the complex p2(a;) V waitforP 2 {x) expression by P 5 (x)): 
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{3xP 3 (x)}, 

' Vx(P 2 (x) =>- \/y\/z3u<P(x, y, z,u)), 

Vx{P 3 (x) => Pi{x)), 

Vx(P 4 (x) => Pi (or)), 

Vx({P!(x) A ->P2(x)) waitforP 2 {x)), 
k Vx{p 5 (x) P 2 {x) V waitforP 2 {x)) 

r p 4 (x) =► op^x), 

\ waitforP 2 (x) => OP 5 (x) 
{ n^x()^waitforP 2 (x) } . 



} , 



□ 



4 Temporal resolution 

As in the propositional case [10,4], our calculus works with merged step clauses, but 
here the notion of a merged step clauses is much more complex. This is, of course, 
because of the first-order nature of the problem and the fact that skolemisation is not al- 
lowed under temporal operators. In order to build towards the calculus, we first provide 
some important definitions. 

Definition 4 (Derived Step Clauses). Let Pbe a monodic temporal problem, and let 

Pi, (x) => OM n (x),..., P lk (x) OM lk (x) (4) 

be a subset of the set of its original non-ground step clauses. Then 

Vx(P n (x) V • • • V P lh (x)) OVx(M 4l (x) V • • • V M ik (x)), (5) 
3x(P n (x) A • • • A P lk (x)) 03x(M n (x) A • • • A M lk (a)), (6) 
P i} {c) => OM i} {c) (7) 

are derived step clauses, where c G const (P) and j = 1 . . . k. 

A derived step clause is a logical consequence of its premises obtained by "dividing" 
and bounding left-hand and right-hand sides. 

Definition 5 (Merged Derived Step Clauses). Let {@i => O^i, • • • , & n => O&n} 
be a set of derived step clauses or original ground step clauses. Then 

n n 

A *i o A *i 

i=l i=l 

is called a merged derived step clause. 

Note that the left-hand and right-hand sides of any merged derived step clause are closed 
formulae. 
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Definition 6 (Full Merged Step Clauses). Let A ^ OB be a merged derived step 
clause, P\{x) => OM\(x), . . . , Pk(x) => OMk(x) be original step clauses, and 

k k 

A{x) d = A Pi(x), B{x) A Mi(x). Then 

i=l i=l 

Vx(A A A(x) ^0{BA B(x))) 

is called a full merged step clause. In the case k = 0, the conjunctions A{x), B(x) 
are empty, that is, their truth value is true, and the merged step clause is just a merged 
derived step clause. 

Definition 7 (Constant Flooding). Let P be a monodic temporal problem, P p = P U 
{0L(c) | QL(x) G £, c e const(P)} is the constant flooded form 5 of P. 

Evidently, P c is satisfiability equivalent to P. 

Example 2. Let us consider a temporal problem given by 

I = {il. Q(c)}, 

f ui. OMMx) a^)) 1 

\«2. □Vx(Q(a;)A3|,(-.P 1 (y)A-.i? ! (i/))=>L(a;))/' 
f si. PiG^^O-Pi^)] 
5 = { s2. P 2 (.t) 0-P 2 (x) } 

[s3. o(i)^og(i) J 

£ = {el. O-P(x)}, 

Then 

dl. P 1 (c) ^ O^ic), 

d2. 3yPi(y)=> 03y^Pi(y), 

d3. VyPi(y) ^ OVy^Pi(y), 

dA. 3y(P 1 (y) A P 2 (y)) 03»(-.Pi(y) A -P 2 (y)) 
d5. Vy(Pi(y) V P 2 (y)) OVy(-Pi(y) V -P 2 (j/)) 

are examples of derived step clauses. Every derived step clause is also a merged derived 
step clause. In addition, 

ml. Pi(c) A 3yPi(y) 0(-Pi(c) A 3?/^Pi (?/)), 
m2. 3yPi(y) A Vj/Pi(y) 0(3»-.Pi(») A V^Pi(y)) 

are other examples of merged derived step clauses. Finally, 

fml. Vx(P 2 (x) A Pi(c) =>■ 0(-P 2 (x) A -Pi(c))), 

/m2. Vx(Q(x) A 3y(P 1 ( 2/ ) A P 2 (y)) 0(Q(x) A 3»(-.Pi(») A -P 2 (t/)))), 

/m3. Va;(Pi(x) A 3yP\(y) A MyP\{y) => 0(Q(x) A 3y-Pi(y) A Vy^Pi(y))) 

are examples of full merged step clauses. 

Note that, constant flooding adds to the problem the eventuality _, i(c). 

5 Strictly speaking, P c is not in DSNF: we have to rename ground eventualities by proposi- 
tions. Rather than "flooding", we could have introduced special inference rules to deal with 
constants. 



9 



Inference Rules. The inference system we use consists of the following inference 
rules. (Recall that the premises and conclusion of these rules are (implicitly) closed 
under the □ operator.) 

In what follows, A O B and Ai => OBi denote merged derived step clauses, 

Vx(A A A(x) => O (B A B(x))) and Mx{Ai A A^x) => O (B t A B t {x))) denote full 
merged step clauses, and U denotes the (current) universal part of the problem. 

- Step resolution rule w.r.t. U: — ^Jp^ (0„ s ) ; where U U {B} |=_L 

- Initial termination rule w.r.t. U: The contradiction _L is derived and the derivation 
is (successfully) terminated if U U I |=_L. 

- Eventuality resolution rule w.r.t. U: 

Vx(Ai AAx{x) => 0{B\ A Bi{x))) 

0L(x) 

VxjAn A A n {x) => O (B n A B n (x))) u 

Vx A(-AVnii(i)) 
i=l 

where Vx(Ai A Ai(x) =^> OBi A Bi(x)) are full merged step clauses such that for 
all i S {1, . . . , n}, the loop side conditions 



Vx(W A Bi A Bi{x) => -^L(x)) and \/x(U A B t A B t {x) \J (Aj A Aj(x)) 
are both valid. 

The set of merged step clauses, satisfying the loop side conditions, is called a loop 

n 

in ()L(x) and the formula V (Aj(x) A Aj(x)) is called a loop formula. 

i=i 

- Eventuality termination rule w.r.t. U: The contradiction _L is derived and the deriva- 
tion is (successfully) terminated if U \= Vx-*L(x), where ()L(x) 6 £ b . 

- Ground eventuality resolution rule w.r.t. U: 

Al^QBu A n ^OB n 01 

n \vres) i 

(A -A) 

where Ai =>■ O Bi are merged grounded step clauses such that the loop side condi- 
tions 

n 

UABi\=^l and U A B, (= \f Aj for all ie{l,...,n] 

i=i 

are satisfied. Ground loop and ground loop formula are defined similarly to the case 
above. 



6 In the case U \= Vx^L(x), the degenerate clause, true => Otrue, can be considered as a 
premise of the eventuality resolution rule; the conclusion of the rule is then -itrue and the 
derivation successfully terminates. 
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- Ground eventuality termination rule w.r.t. U: 

The contradiction _L is derived and the derivation is (successfully) terminated if 
U h ~>l, where <)l e £ . 

Definition 8 (Derivation). A derivation is a sequence of universal parts, U = Uq C 
li\ C tf 2 C . . . , extended little by little by the conclusions of the inference rules. 
Successful termination means that the given problem is unsatisfiable. The X, S and £ 
parts of the temporal problem are not changed in a derivation. 

Note 1. The eventuality resolution rule above can be thought of as two separate rules: 
an induction rule to extract a formula of the form \/x{P{x) => O LJ^L(x)) and a 
resolution rule to resolve this with \/y()L(y), that is, 

- Induction rule w.r.t. U: 

\/x(Ai A A\(x) 0(Bi ABi(i))) 

Vx(A n A A n (x) => 0(B n A B n {x))) 

n ( ind ) » 

Vx( V {A A Mx)) =>• O D-L(x)) 

i=\ 

(with the same side conditions as the eventuality resolution rule above). 

n 

The formula V (Sj A Bi(x)) can be considered as an invariant formula since, 

i=l 

within the loop detected, this formula is always true. 

- Pure eventuality resolution: 

n 

Vx{\/ (AiAAi{x))^On^L{x)) §L{x) 

— n (Or-)- 

VX AfnijVnAifl)) 
i=l 

The ground eventuality resolution rule can be split into two parts in a similar way. 

Example 3 (Example 2 contd.). We apply temporal resolution to the (unsatisfiable) tem- 
poral problem from Example 2. It can be immediately checked that the loop side con- 
ditions are valid for the full merged step clause fm2, 

fm2. Vx(Q(x)A3y(P 1 (y)AP 2 (y)) 0(Q(x) A 3y(-Pi(y) A -P 2 (y)))), 

that is, 

3y(--Pi(») A -.P 2 (y)) A Q(ar) (see «2), 

3»(--Pi(y) A -.P 2 (y)) A Q(ar) 3y(Pi(y) A P 2 (y)) A Q(x) (see «1). 

We apply the eventuality resolution rule to el and ml and derive a new universal clause 

nul. □Vx(-.(3y(Pi(y) A P 2 (y))) V -.Q(x)) 

which contradicts clauses ul and il (the initial termination rule is applied). 
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Example 4. The need for constant flooding can be demonstrated by the following exam- 
ple. None of the rules of temporal resolution can be applied directly to the (unsatisfiable) 
temporal problem given by 

l={P(c)}, S = {q^Oq}, 

U = {q = P(c)}, £ = {O-P(x)}. 

If, however, we add to the problem an eventuality clause 0^ and a universal clause 
I =>■ -iP(c), the step clause q => Oq will be a loop in Oh and the eventuality resolution 
rule would derive -true 7 . 

Correctness of the presented calculi is straightforward. 

Theorem 2 (Soundness of Temporal Resolution). The rules of temporal resolution 
preserve satisfiability. 

Proof Considering models for FOTL formulae, it can be shown that the temporal res- 
olution rules preserve satisfiability. Let Wl = (D, I) be a temporal structure and o be 
a variable assignment. We assume that a temporal problem P is true in Wl under the 
assignment a and show that P, extended with the conclusion of a temporal resolution 
rule, is true in SDT under a. We do this by considering cases of the inference rule used, 
as follows. 

- Consider the step resolution rule. Let A => OS be a merged derived clause and 
assume that QJl h° D(i^OB),WUB \=±, but for some i > 0, £01* ^° -.A 
Then Wli+i \= a B in contradiction with the side condition of the rule. 

- Consider now the eventuality resolution rule. Let Vx( At A Ai (x) => OBiABi(x)), 
i e {1, . . . , n}, be full merged step clauses and <)L(x) be an eventuality such that 

m \= a A Vx(A A Ai(x) => OBi A Bi(x)), 9Jl |=° nVx<>L(x), and the loop 

i=l 

n 

side conditions \/x(U ABt AS, (x) =^> ->L(x)) and Vx(U A Bi A Bi(x) => V (A' A 

i=i 

n 

A(a;)) are both valid, but for some fe > 0, M k y= a Mx [\ (->Ai V ^A^x)). It 

i=l 

follows there exists a domain element d E D such that Tlk |= a (Aj A Aj(d)). It 
is not hard to see that, by validity of the loop side conditions and by the fact that 
the full merged clauses are true in Wl under a, SOT; ^ a -<L(d) for all / > k, that is, 
9ttfc+i 1=° \Z\^L(d) in contradiction with the eventuality. 

- Correctness of the initial termination and eventuality termination rules is obvious. 

- Correctness of the ground counterparts of the eventuality resolution and eventuality 
termination rules can be proved in a similar way. 

□ 

7 Note that the non-ground eventuality Q-iP(x) is not used. We show in Section 7 that if all step 
clauses are ground, for constant flooded problems we can neglect non-ground eventualities. 
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We formulate now the completeness result and prove it in Section 5, which is entirely 
devoted to this issue. 

Theorem 3 (Completness of Temporal Resolution). Let an arbitrary monodic tempo- 
ral problem P be unsatisfiable. Then there exists a successfully terminating derivation 
by temporal resolution from P 2 . 

5 Completeness of Temporal Resolution 

In short, the proof of Theorem 3 proceeds by building a graph associated with a monodic 
temporal problem, then showing that there is a correspondence between properties of 
the graph and of the problem, and that all relevant properties are captured by the rules 
of the proof system. Therefore, if the problem is unsatisfiable, eventually our rules will 
discover it. 

First, we introduce additional concepts. Let P = (U, I, S, 8) be a monodic temporal 
problem. Let {Pi, . . . , Pjv} and {pi, . . . ,p n }, N,n > 0, be the sets of all (monadic) 
predicate symbols and all propositional symbols, respectively, occurring in S U £. 

A predicate colour 7 is a set of unary literals such that for every Pi(x) G 
{Pi(x), . . . , Pjv(x)}, either Pi(x) or -Pj(;r) belongs to 7. A propositional colour 9 
is a sequence of propositional literals such that for every pi G {pi, . . . ,p n }, either pi 
or -ipi belongs to 9. Let r be a predicate colour, 9 be a propositional colour, and p be 
a map from the set of constants, const(P), to P. A triple (P, 9, p) is called a colour 
scheme, and p is called a constant distribution. 

Note 2. The notion of colour scheme came, of course, from the well known concept 
used in the decidability proof for the monadic class in classical first-order logic (see, 
for example, [2]). In our case, P is the quotient domain (a subset of all possible equiv- 
alence classes of predicate values), 9 is a propositional valuation, and p is a standard 
interpretation of constants in the domain P. We construct quotient structures based only 
on the predicates and propositions which occur in the temporal part of the problem, 
since only these symbols are really responsible for the satisfiability (or unsatisfiability) 
of temporal constraints. In addition, we have to consider so-called constant distributions 
because, unlike in the classical case, we cannot eliminate constants replacing them by 
existentially bound variables since in doing this the monodicity property would be lost. 

For every colour scheme C = (P, 9, p) let us construct the formulae P c , Ac, Be in 
the following way. For every 7 G P and for every 9, introduce the conjunctions: 

F 7 (a;) = A F e = 

L(x)ej lee 

Let 

M x ) = AWz) I L{x) OM(x) G S, L(x) g 7}, 
Bj(x) = A{M(x) I L(x) => OM(x) G S, L(x) G 7}, 
Ae = f\{l\l=>OmeS,lE9}, 
B e = /\{m I I Om G S, I G 9}. 

(Recall that there are no two different step clauses with the same left-hand side.) 
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Now Tq, Ac, Be are of the following forms: 

T c = A 3xF 1 (x) AF e A A ^(c)(c)AVz V ^W, 

A c = A 3iA 7 (x)AA A A ^ P (c)(c)AVa; V AO), 
7£-T cec yer 

B c = A 3.tP 7 (:e) A Bg A A S p(c) (c)AVx V # 7 (z)- 
7er cec 7 e-T 

We can consider the formula Tc as a "categorical" formula specification of the quotient 
structure given by a colour scheme. In turn, the formula Ac represents the part of this 
specification which is "responsible" just for "transferring" requirements from the cur- 
rent world (quotient structure) to its immediate successors, and Be represents the result 
of transferal. 

Example 5. Consider a monodic temporal problem, P, given by 

J = 0, S = {P(x)^OP(x)}, 

U = {l^3xP(x)}, £ = {0^P{x),0l}- 

For this problem, there exist two predicate colours, 71 = [P(a:)] and 72 = [~P(o;)]; 
two propositional colours Q\ = [I] and 9 2 = [->/]; and six colour schemes, 

Ci = «7i}A), C 4 = ({7i},02), 

C 2 = ({72}A), C 5 = ({72},0 2 ), 

C3 = ({7i,72}A), C 6 = ({71, 72}, #2)- 

The categorical formulae for these colour schemes are the following: 

T Cl = 3xP(x) A VxP(x) A I Ac,= 3xP(x) A VxP(x) B Cl = 3xP(x) A VxP(x) 

Tc 2 = 3x^P(x) A \/x^P(x) A I Ac 2 = true B C2 = true 

Tc 3 = 3xP(x) A 3x^P(x) A I A Cs = 3xP{x) B Cs = 3xP(x) 

T Ci = 3xP(x) A \/xP{x) A -n/ A Ci = 3xP(x) A VxP(x) B Ci = 3xP(x) A MxP(x) 

P Cs = 3x^P(x) A Vx-.P(x) A -.J A Cs = true B Cs = true 

Pc 6 = 3xP(x) A 3x^P(x) A Ac 6 = 3xP(x) B c& = 3xP(x) 

Definition 9 (Canonical Merged Derived Step Clauses). Let P be a first-order tem- 
poral problem, C be a colour scheme for P. Then the clause 

{Ac OBc), 

is called a canonical merged derived step clause for P. 

If all the sets J 7 , for all 7 G P, and Jg are empty, the clause {Ac => OBc) 
degenerates to (true => Otrue). If a conjunction A 1 (x), 7 G P, is empty, that is its 
truth value is true, then the formula \fx V 7 er A 1 (x) (or Vx V 7 e_r B 7 {x)) disappears 
from Ac (or from Be respectively). In the propositional case, the clause (Ac => OBc) 
reduces to (Ag =^> O Bg). 

Definition 10 (Canonical Merged Step Clause). Let C be a colour scheme, Ac => 
OBc be a canonical merged derived step clause, and 7 G C. 

Vx(A c A Ay(x) => O (Be A P 7 (x))) 



14 




Fig. 1. Behaviour graph for the problem X = 0, U = {I =>• 3a;P(a;)}, 5 = {P(a) OP(i)}, 
£ = {O^P(x), 0^} (Example 6). 



is called a canonical merged step clause. If the set J 7 is empty, the truth value of the 
conjunctions A 7 (x), B 1 (x) is true, and the canonical merged step clause is just a 
canonical merged derived step clause. 7 £ C abbreviates here 7 £ T, where C = 

(r,e, P ). 

Definition 11 (Behaviour Graph). Now, given a temporal problem P = (U,I, S, £) 
we define a finite directed graph G as follows. Every vertex of G is a colour scheme C 
for P such that Li U Tq is satisfiable. For each vertex C = {T, 9, p), there is an edge in 
G toC = (r', 8' , p'), if U f\Tc A Be is satisfiable. They are the only edges originating 
from C. 

A vertex C is designated as an initial vertex of G if I A U A Te is satisfiable. 

The behaviour graph H of P is the subgraph of G induced by the set of all vertices 

reachable from the initial vertices. 



Example 6 (Example 5 contd.). Let us construct the behaviour graph for the problem 
given in Example 5. Note that Tc 2 A U |=_L, so the vertex C 2 is not in the graph. The 
behaviour graph for P, given in Fig. 1, consists of five vertices; all of them are initial. 
There is an edge in the graph from the node C 3 to the node C\ since the formula 

UAT Cl AB C3 , 

I 3xP(x) A 3xP(x) A VxP(x) A I A 3xP(x), 

U F Cl Bc 3 

is satisfiable. There is no edge from C\ to C3 since the formula U A Tc 3 A Bc x , 
I 3xP(x) A 3xP(x) A 3x^P(x) A I A 3xP(x) A MxP{x) 

S v ' S v ' S v ' 

U Fc 3 B Cl 
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is unsatisfiable. Other edges are considered in a similar way. 

Lemma 2. Let P\ — (Ui , T, S, £} and P2 = (U 2 , 1, S, £} be two problems such that 
U\ C U2- Then the behaviour graph of P 2 is a subgraph of the behaviour graph of Pi. 

Proof Satisfiability of IA2 implies satisfiability of U\. □ 

Definition 12 (Path; Path Segment). A path, it, through a behaviour graph, H, is a 
function from N to the vertices of the graph such that for any i > there is an edge 
(7r(i), ir(i + 1)} in H. In a similar way, we define a path segment as a function from 
[m, n], m < n, to the vertices of H with the same property. 

Recall that vertices of the behaviour graph of a problem, P, are quotient representations 
of "intermediate" interpretations Wl n in possible models of P. Intuitively, if a pair of 
vertices, or of colour schemes, C and C is suitable, then this pair can represent adja- 
cent interpretations Tli and Tli + i in a model of P. The definition of predicate colour 
suitability given below expresses the condition when a pair of predicate colours spec- 
ify an element in adjacent interpretations with regard to the step part of P. A similar 
intuition is behind the notions of suitable propositional colours and suitable constant 
distributions. 

Definition 13 (Suitability). For C = (r, 9, p) and C = (r', 9', p'), let (C, C) be an 

ordered pair of colour schemes for a temporal problem P. 

An ordered pair of predicate colours (7, 7 ') where 7 6 F, 7' e T' is called suitable if 
the formula U A 3x(F 7 / (x) A B 7 (x)) is satisfiable; 

Similarly, an ordered pair of propositional colours (9, 9') is suitable ifU A Fg> A Bg is 
satisfiable; and 

an ordered pair of constant distributions (p, p') is suitable if, for every c G C, the pair 
(p(c), p'(c)) is suitable. 

Note that the satisfiability of 3x(F 7 '(x) A B 1 (x)) implies |= Vx(F y '(x) =>• B 1 (x)) as 
the conjunction F 7 / (x) contains a valuation at x of all predicates occurring in _B 7 (x) . 

Lemma 3. Let H be the behaviour graph for the problem P = (U,2,S,£) with an 
edge from a vertex C = (r, 9, p) to a vertex C = (/"", 9' , p'). Then 

1. for every 7 6 T there exists a 7 ' G i~" such that the pair (7, 7 ') is suitable; 

2. for every 7 ' G J" there exists a 7 G r such that the pair (7,7') is suitable; 

3. the pair of propositional colours (9, 9') is suitable; 

4. the pair of constant distributions (p, p') is suitable. 

Proof From the definition of a behaviour graph it follows that U A Tc A Be is satisfi- 
able. Now to prove the first item it is enough to note that satisfiability of the expression 

U A To A Be implies satisfiability of U A (Vx V Fy (x)) A 3xB 7 (x). This, in turn, 

j'er' 

implies satisfiability of its logical consequence U A \J 3x(F^' (x) A B 1 (x)). So, one 

7'e-T' 

of the members of this disjunction must be satisfiable. The second item follows from 
the satisfiability of U A (Vx \J B 1 {x)) A 3xF 7 > (x). Other items are similar. □ 
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Example 7 (Example 6 cont.). Let us consider suitability of predicate and propositional 
colours from Example 5. 

Since the formula U A 3x(F 11 (x) AB j2 {x)), where U = {I => 3xP(x)}, F 7l = P(x), 
and B r2 = true, is satisfiable, the pair (71, 72) is suitable. 

Since the formula U A 3x (F 72 (x) A B 7l (x)), where U = {I =>• 3xP(x)}, F 72 = ->P{x), 

and £? 7l = P{x), is unsatisfiable, the pair (72, 71) is not suitable. 

In a similar way, it can be easily checked that the pairs of predicate colours 

(71,71) and (72,72), 
and the pairs of propositional colours 

{6 U 6 2 ), {02,6!), and {62,62) 

are suitable. 

Let H be the behaviour graph for a temporal problem P = (U,I,S,£) and 7r = 
Co, ... , C n , ... be a path in H where d = {r%,6i, p{). Let Go — % U {^c } an d 
£n = -^c A Bc n _ 1 for n > 1. According to the definition of a behaviour graph, 
the set U U {Gn} is satisfiable for every n > 0. 

From classical model theory, since the language C is countable and does not contain 
equality, the following lemma holds. 

Lemma 4. Let k be a cardinal, k > Hq. For every n > 0, if the set IA U {G n } is 
satisfiable then there exists an C-model 9Jl„ = (D, /„) ofU U {Gn} such that for every 
7 e r n the set -D( n ,7) = {« £ O 9K„ |= F 1 (a)} is of cardinality k. 

Definition 14 (Run/E-Run). Let tt be a path through a behaviour graph H of a tem- 
poral problem P, and ir(i) = (i^, 6i, pi). By a run in Tt we mean a function r(n) from 
N to IJign ^ sucn { h at fo r every n € N, r{n) G and the pair (r{n), r{n + 1)) is 
suitable. In a similar way, we define a run segment as a function from [m, n], m < n, 
to UiGN with the same property. 

A run r is called an e-run if for all i > and for every non-ground eventuality 
()L(x) E £ there exists j > i such that L{x) E r{j). 

Let 7T be a path, the set of all runs in n is denoted by 1Z{n), and the set of all e-runs in 
7r is denoted by lZ e (ir). If tt is clear, we may omit it. 

Example 8. tt = C3, Cq, C3, C%, . . . is a path through the behaviour graph given in 
Fig. 1. n = 71, 71, 71, ■ ■ • and r 2 = 71,72,71,72, ■ • ■ are both runs in n. r 2 is an 
e-run, but n is not. 

We now relate properties of the behaviour graph for a problem to the satisfiability of 
the problem. 

Theorem 4 (Existence of a model). Let P = (U, X, S, £) be a temporal problem. Let 
H be the behaviour graph ofP, let C andC be vertices of H such that C = (_T, 9, p) and 
C = {r 1 , & , p'). If both the set of initial vertices of ' H is non-empty and the following 
conditions hold 
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1. For every vertex C, predicate colour^ G r, and non-ground eventuality §L(x) G £ 
there exist a vertex C and a predicate colour 7' G J" such that 

((C, 7 ) - + (C', 7 ')A£(x)G 7 '); 

2. For every vertex C, constant c G const (P), and non-ground eventuality ()L(x) G £, 
there exists a vertex C such that 

(C — > + C' A L (x) G p (c)) ; 

3. For every verfex C and ground eventuality ()l G £, there exists a vertex C such that 

(c ^+ c a i g e') 

then Phas a model. Here (C, 7) (C , 7') denotes that there exists a path tt from C 
to C such that 7 and 7 ' belong to a run in tt; and C — * + C denotes that there exists a 
path from C to C. 

The proof proceeds as follows. First, we provide a lemma showing that, under the con- 
ditions of Theorem 4, there exists a path through the behaviour graph satisfying certain 
properties, and then we show that, if such a path exists, then the problem has a model. 

Lemma 5. Under the conditions of Theorem 4, there exists a path tt through H where: 

(a) 7r(0) is an initial vertex of H; 

(b) for every colour scheme C — tt{i), i > 0, and every ground eventuality literal 
(}l G £ there exists a colour scheme C = ir{j), j > i, such that I G 9'; 

(c) for every colour scheme C = n(i), i > and every predicate colour 7 from the 
colour scheme there exists an e-run r G lZ e (7r) such that r(i) = 7; and 

(d) for every constant c G C, the function r c (n) defined by r c (n) = p n (c), where p n is 
the constant distribution from 7r(n), is an e-run in tt. 

Proof [of Lemma 5] Let ()L\(x), . . . , §Lk(x) be all non-ground eventuality literals 
from £; Oh, ■ ■ ■ , ()l P be all ground eventuality literals from £ ; and a,.. .,c q be all 
constants of P. Let Co be an initial vertex of H. We construct the path tt as follows. Let 
{71, . . . , 7 S0 } be all predicate colours from _T Co . By condition (1) there exists a vertex 
C< 7l ' Ll) and a predicate colour 7^ G r,-,,,^ such that (C ,7i) -> + (d 7l ' Ll) , 7^ } ) 

andii(x) G 7^. In the same way, there exists a vertex Cq 71 ^ 2 - 1 and a predicate colour 
7 f } G r c ^ L2) such that (C< 7l ' il) ,7l 1) ) - + (4j 7l ' i2) ,7i 2) ) andL 2 (z) G ^\ And 
so on. Finally, there exists a vertex C^ 7l,ifc ^ and a predicate colour 7 | fc ^ G r c ( 1b i t ) 

such that (C^ 7l ' i *- l) ,7i fc " 1) ) ^ + (^ 7l,L * ) ,7i fc) ) and L fe (z) G 7 < fc) ■ Clearly, 7l , 
. . . ,7^,. . . , 7 ^ 2 \. • • ,7^ forms a segment of a run and every non-ground eventuality is 
satisfied along this segment. 

Now, let 72°^ be any successor of 72 in r ( yi , Lk ). As above, there exists a se- 

quence of vertices C^ 2 ' Ll \. .., Cq 72 '^ and a sequence of predicate colours 7^ G 
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r ( 12 , Ll) ,..., 7^ fc) e r {l2 ,L k) such that 72,..., 7^ 0) , . . . ,7^', . . . ,7^ fc) forms a seg- 
ment of a run and every non-ground eventuality is satisfied along this segment. Con- 
tinue this construction. At a certain point we construct a segment of a path from Co to 
a vertex (^ 7s o' ifc ) suc h that for every 7 G Co there exists 7' G Cq 7so ' L,c ' such that all 
eventualities are satisfied on the run-segment from 7 to 7 '. 

In a similar way we can construct a vertex Cq C1,Li ' such that ^ 7s ° ,ifc ' Cq C1 ' Li ^ 
and L\{x) G p (c 1 ,l 1 ) (ci). And so on. Then we can construct a vertex Cq' 1 ' such that 

d c " Lk) -►+ d'° and h G ff-do. And so on. 

Finally, we construct a vertex C' = Cq"^ such that Co C and on this path 
segment all conditions of the theorem hold for C = Co- Let us denote this path segment 
as A , and let C\ be any successor of C' Q . 

By analogy, we can construct a vertex C[ and a path segment Ai from Ci to C[ such 
that all conditions of the theorem hold for C = C\. An so forth. Eventually, we construct 
a sequence Co, Ci,. . . , Cj such that there exists n, < n < j and C n — Cj because 
there are only finitely many different colour schemes. Let 7Ti = Ao, . . . , A n _i, 7r 2 = 
X n , . . . Now, we define our path n as 7Ti(7r 2 )*. Properties (a) and (b) evidently 
hold on 7r. 

Let C = n(i) and 7 G i"c. Clearly, there exist 7' G Co and 7" G C n such that 
(Co, 7') (C,7) and (C,j) (C„,7"). Since for every 7" G C„ there exists 
7"' G Cn Sn ' Lk ^ such that all eventualities are satisfied on the run-segment from 7" to 
7"' and there exists 7 < 4 ) G C„, (d 7s "' Lt;) , 7'") -►+ (C„, 7W), then there is an e-run, 
r, such that r(i) = 7, that is, property (c) holds. 

Note that, for every constant c of P the sequence r c (n) is a run in ir. By construc- 
tion, for every (}L(x) G £ there is a vertex ci c ' L ' in 7T2 such that L(x) G p c (c,L) (c). 
Therefore, r c (n) is an e-run in 7r and property (d) holds. □ 

Proof [of Theorem 4] Following [18,3] take a cardinal n > Ho exceeding the cardi- 
nality of the set lZ e . Let us define a domain D — {(r, £} \ r G TZ e , £ < «}. Then for 
every n G N we have 

•D= U where £> ( „ ;7) = {(r,£) | r(n) = 7} and |D(„ l7 )| = k. 

7er„ 

Hence, by Lemma 4, for every n G N there exists an C-structure 0Jt n = (D, I n ) satis- 
fying U U {£„} such that D(„ l7 ) = {(r,£) G D | 9Jt„ |= F 7 ((r,£))}. Moreover, we 
can suppose that c In — (r c , 0) for every constant c G const(P). A potential first order 
temporal model is 9Jt = (D, I), where I(n) = I n for all n G N. To be convinced of 
this we have to check validity of step and eventuality clauses. (Recall that satisfiability 
of X in 97t is implied by satisfiability of Q in SDto-) 

Let \ZWx(Pi(x) =>• ORi(x)) be an arbitrary step clause; we show that it is true in 
9JT. Namely, we show that for every n > and every (r, £} G D, if Wl n \= Pi({r, £)) 
then Wl n+1 |= Ri((r,£)). Suppose r(n) = 7 G T„ and r(n + 1) = 7' G T', 
where (7,7') is a suitable pair in accordance with the definition of a run. It follows 
that (r,£) G D( n ,-y) an d ( r i0 £ ^(n+i, 7 ')> m other words Wl n |= F-y((r,£)) and 
9K„ +1 [= F 7 *((r,£}). Since 971™ |= Pi((r,£)) then 7(1) = 1. It follows that (x) is a 
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conjunctive member of B 1 {x). Since the pair (7, 7 ') is suitable, it follows that the con- 
junction 3x{F 1 i{x) A B 7 (x)) is satisfiable and, moreover, |= \/x(F 7 >(x) =$> B 1 {x)). 
Together with 9Jl„ + i |= F 1 i{{r,£)) this implies that 9Jl„+i |= Ri((r, £)). Propositional 
step clauses are treated in a similar way. 

Let ( \Z\Vx)()L(x) be an arbitrary eventuality clause. We show that for every n > 
and every (r, () 6 £), r e 7£ e , £ < K > there exists m > n such that 9Jt m |= £((r, £}). 
Since r is an e-run, there exists C = 7r(m) for some m > n such that r(m) = 7 ' 6f' 
and i(a;) 6 7'. It follows that (r, £) 6 D( mi7 /), that is 37l m |= F 7 < ((r, £)). In particu- 
lar, 9Jt m |= £}). Propositional eventuality clauses are considered in a similar way. 

□ 

Note 3. For constant flooded temporal problems condition 3 of Theorem 4 implies con- 
dition 2. 

Lemma 6. Let 971 be a first-order temporal structure. Then there exists a colour scheme 
C such that Wl \= Tc- 

Proof Let 9JI = (D, I). For every a e D, let 7( a ) be the set of unary literals such that 
for every predicate Pi(x), < i < N, 

Pi(x) G7(„) if 2tth^(«) 
^iW6 7(«) if !0t ^ Pi (a). 

Similarly, let be the set of propositional literals such that for every proposition pj, 

0<j<n, 

Pj e9 if m \= pj 
^Pj€6 if Wlfipj. 

We define r as {7( ) I a 6 D}, and p(c) as 7( C J). Clearly, 971 |= Tc- □ 

Proof [Theorem 3: completeness of temporal resolution] The proof proceeds by 
induction on the number of vertices in the behaviour graph H for P = (U,X, S, £}, 
which is finite. If H is empty then the set UVS1 is unsatisfiable. In this case the derivation 
is successfully terminated by the initial termination rule. 

Now suppose H is not empty. Let C be a vertex of H which has no successors. In 
this case the set U U Be is unsatisfiable. Indeed, suppose U U {Be} is true in a model 
9JI. By lemma 6, we can define a colour scheme C such that 5D? |= Tc ■ As Be A Tc 
is satisfiable, there exists an edge from the vertex C to the vertex C in the contradiction 
with the choice of C as having no successor. 

The conclusion of the step resolution rule, ->Ac, is added to the set U\ this implies 
removing the vertex C from the behaviour graph because the set {To,-* Ac} is not 
satisfiable. 

Next, we check the possibility where H is not empty and every vertex H has a suc- 
cessor. Since the problem, P, is unsatisfiable, at least one condition of Theorem 4 is 
violated. By Note 3, it is enough to consider only two cases of violation of the condi- 
tions of Theorem 4. 
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First condition of Theorem 4 does not hold. Then, there exist a vertex Co, predicate 
colour 70, and eventuality ()L (x) such that for every vertex C and predicate colour 

7 e r', 

(Co,7o)^ + (C',7')^io(x)^ 7 '- (8) 

Let 3 and 3i, i E 3 be finite nonempty sets of indexes such that {d \ i E 3} is the 
set of all successors of C (possibly including Co itself) and {7^ e li | i G J, j E 
Zi, 7o Ji.j} is the set of all predicate colours such that there exists a run going 
through 70 and the colour. (To unify notation, if ^ 3, we define 3o as {0}, and 7o ,o 
as 7 o; and if G 3, we add the index of 7 o to 3o- Therefore, 3o is always defined and 
without loss of generality we may assume that 70.0 = 7 o-) 

Let d 1 , . . . , Ci k be the set of all immediate successors of Co- To simplify the proof, 
we will represent canonical merged derived step clauses Ac => O Be (and Ac il => 
O-Bci,) simply as A4 => OBi (and Ai t => OB^, resp.), and formulae Tc (and Tc^) 
simply as T% (and T t , resp.). 

Consider two cases depending on whether the canonical merged derived step clause 
Ao => OBo (or any of A4 => OBi, i E 3) degenerates or not. 

1. Let Ao = Bq ~ true. It follows that U \= \/x^Lo(x). Indeed, suppose 
U U {3xL (x)} has a model, 97t. Then we can construct a colour scheme C such 
that 971 |= Tc ■ Since d 1 , . . . , Ci k is the set of all immediate successors of Co 
and Bo = true, it holds that there exists j, 1 < j < k, such that Cj . = C. Since 
B l0 (x) = true, every pair ( 7o , 7 '), where 7 ' E r', is suitable; hence ^L (x) E 7 ' 
for every 7 ' E r', and Tc \= Vx-ii {x) leading to a contradiction. Therefore, 
U \= Vx-iio(^) and the eventuality termination rule can be applied. The same 
holds if any one of Ai ^ OBi degenerates. 

2. Let none of the A4 => OBi degenerate. We are going to prove that the eventuality 
resolution rule can be applied. First, we have to check the side conditions for such 
an application. 

(a) \/x(U A Bi A B li S (x) ^L (x)) for all i e 3 U {0}, j E 

Consider the case when i = j = (for other indexes the arguments are simi- 
lar). 

We show that 

Vx(U A So A B 1Q (x) => \f F~i'{x)) 

ie{i,...,fe}, 7^7' 

is valid (it follows, in particular, that Vx(WA,Bo AB la {x) => ^L (x)) is valid). 
Suppose 971 is a model for 

3x(U A Bo A B lQ (x) A f\ ^.(x)). 

(e{i,...,fe},7'€r il ,7- >7 ' 

Then there exists a colour scheme C such that 971 |= Tc ■ Since 97t |= Bo ATc , 

we conclude that C is among d 1 , . . . , Ci k . Note that 971 |= Tc follows, 

in particular, 97T |= Vx V i^ 7 //(x) and, hence, Q |= Vx(-B 7o (x) =>• 
7"er' 
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V F~ ( (x)). Together with the fact that 971 \= 3x(B 7o (x) A F 7 » (x)) im- 
7"ef 

plies 70 ->■ 7", we have 37T \= Vx(.B 7o (x) => V F i"i x ))- This 

7"er", 70^7 " 

contradicts the choice of the structure 371. 

(b) Vx(U A Bi A S 7i 3 . (x) V (A A A^, (a;))) for alii G 3 U {0}, 

fce3u{o}, 'ea fc 

i e 3i. 

Again, consider the case i = j = 0. Suppose 

U A Bo A 3x(B 7o (x) A /\ (-(A A A lh l (x)))) 
fceau{0}, zeOfc 

is satisfied in a structure 371. Let C be a colour scheme such that 37t |= To ■ 
By arguments similar to the ones given above, there is a vertex d t , 1 < I < k, 
which is an immediate successor of Co, such that d t = C, and hence 37t |= A'. 
It suffices to note that 

371 h Vx(B 7o (x) \J Ay»(x)). 

-y"er', 70^7" 

(As in the case 2(a) above, 371 |= Vx(i? 7o (x) => \J F^»(x)), and 

7 "er\ 70^7 " 

for all 7 " G r', the formula Vx(F 7 » (x) =>• A 7 » (x)) is valid.) 
After applying the eventuality resolution rule we add to U its conclusion: 

VX f\ (nAVnA,..^)). 

i£3U{0}, j£3i 

Then, the vertex Co will be removed from the behaviour graph (recall that To |= 

A A 3xA 70 (x)). 

Third condition of Theorem 4 does not hold. This case is analogous to the previous one; 
we only sketch the proof. There exist a vertex Co and eventuality O^o such that for every 
vertex C and predicate colour 7 G J", 

Co ^+ C'=>lot 0'. (9) 

Let 3 be a finite nonempty set of indexes, {Ci i <E 3} be the set of all successors of Co 
(possibly including Co itself). As in the previous case, one can show that 

- If any of A4 =>■ <3£>i (where i G 3) degenerates then U \= and the ground 
eventuality termination rule can be applied. 

- If none of the canonical merged derived step clauses degenerate then the following 
conditions hold 

• for alH G 3 U {0} UUB l ^= l Q 

• for alii e 3 U {0} WU6,h V A 

je3u{0} 

and so the ground eventuality resolution rule can be applied. 
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Example 9 (example 6 contd.). We illustrate the proof of Theorem 3 on the temporal 
problem introduced in Example 6. The behaviour graph of the problem is not empty; 
every vertex has a successor. It is not hard to see that the first condition of Theorem 4 
does not hold, and, following the proof, we can choose as Co, 70, and Lq, for example, 
Ci, 71, and -P(x), respectively. Then for every vertex C and predicate colour 7' G 

(Co,7o)- + (C', 7 ')=s>£o(a0*7'- 

The set of all (and all immediate) successors of C\ is {Ci, C4}. Note that the canonical 
full merged step clauses corresponding to C\ and C4 are identical, and none of them 
degenerates. For i G {1, 4}, the loop side conditions, 

Vx(((i 3xP(x)) A (3xP(x) A VxP(x)) A P(x) ) => P(x)) 
„ ' . ' 

Ui B % B 71 (x) 

and 

Vx(((l => 3xP(x)) A (3xP(x) A VxP(x)) A P(x) ) => 

Bi B 71 (x) 

V (3a;P(x) A VxP(a;) A P(x) )) 
je{i,4} v , ' v -v-' 

hold. Therefore, we can apply the eventuality resolution rule whose conclusion, 

Vx( f\ (->(3xP(x) AVxP(x))) A-P(x)), 
je{i,4} 

can be simplified to 3x^P(x). After the conclusion of the rule is added to U, vertices 
d and C4 and edges leading to and from them are deleted from the behaviour graph. 

For the temporal problem with the new universal part, again the first condition of 
Theorem 4 does not hold and, for example, for Co = C3, 70 =71, and L (x) — -P(x), 
and for every colour scheme C and every predicate colour 7' G P', 

(C ,7o)- + (C', 7 ')=s>£o(s)*7'- 

(Note that 72 is never a successor of 71.) The set of all (and all immediate) successors 
of C3 is {C3, Cq}. The canonical full merged step clauses corresponding to C3 and C§ 
are identical, and none of them degenerates. In a similar way, the loop side conditions 
hold and the conclusion of the eventuality resolution rule simplifies to Vx^P(x). This 
time, vertices C3 and C§ are deleted from the behaviour graph. 

For the new problem, the third condition of Theorem 4 does not hold for Co = C5, 
lo = I. Then for any vertex C, 

Co ^+ C =► l i 0'. 
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As the canonical full merged step clause degenerates (and U \= the ground eventu- 
ality termination rule can be applied. 

Note that if, in the beginning, instead of C\ we selected C 3 (or C 6 ) as Co, vertices C\, 
C3, C4, and C 6 would be deleted after the first application of the eventuality resolution 
rule. 

6 Extension of the Monodic Fragment 

In this, and the subsequent, section we adapt the resolution technique to a number 
of variations of monodic FOTL, whose completeness follows from the corresponding 
adaptation of the completeness results given in Section 5. We here consider an exten- 
sion of monodic temporal problems allowing an additional extended part X given by 
a set of arbitrary FOTL in the language without function symbols and with the only 
temporal operator being 'O ' ■ Since this temporal operator can be "moved inside" clas- 
sical quantifiers, we can assume, without loss of generality, that X is given by a set of 
first-order formulae constructed from temporal atoms of the form O l P(ti,t2, ■ ■ ■ , t n ), 
where P(t\, ti, . . . , t n ) is a first-order atom 8 . Such an extension permits more complex 
step formulae to be employed while restricting the allowed temporal operators. 

Example 10. A set of formulae XP given by 



is an example of an extended monodic problem. 

We are going to show that an extended monodic temporal problem can be translated 
(with a linear growth in size) into a monodic temporal problem while preserving satis- 
fiability. Essentially, we encode a few initial states of a temporal model as a first-order 
formula and ensure that this encoding is consistent with the rest of the model. 

Reduction Let XP = P U X be an extended monodic temporal problem. Let P = 
(T, U, S, £). Let k be the maximal number of nested applications of O in X, that is, the 
maximal i such that 0> l P{t\, t 2 , ■ ■ ■ , t n ) occurs in X for some predicate symbol P. For 
every predicate, P, occurring in XP, we introduce k + 1 new predicates P° , P 1 , . . . , P k 
of the same arity. Let <p be a first-order formula in the language of XP. We denote by 
[4>Y> < i < k, the result of substitution of all occurrences of predicates in <p with their 
i-th counterparts; (e.g., P(xi, £2) is replaced with P 1 (xi, £2)). 

We define the monodic problem P' = (X' ,U' ,S' ,£') as follows. Let W = U, 
S' = S, £' = £. As forZ', we take the following set of formulae. 

1. For every <p s I, the formula [</>]° is in I' . 

8 Decidability of this extension of the monodic fragment was suggested in a private communi- 
cation by M. Zakharyaschev. 



X 
1 
U 
S 
£ 



{VxVy(P(x,y) =► OOP(x,y))} 
{3x3yP(x,y)}, 
{VxVy(P(x,y) => R(x))}, 
{R(x) =>■ OR(x)}, 
{0^R(x)} 
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0(d) P(d) 




i 



Fig. 2. Model transformation 

k 

2. For every cf) 6M, the formula /\ [</>]' is in T '. 

i=0 

k—l 

3. For every P(x) => OQ(x) G 5, the formula A (Va^P^a;) => Q l+1 {x)) is in J'. 

4. For every tp G X, the formula i/>', the result of replacing all occurrences of temporal 
atoms 0' l P(t), i > 0, in ip with P*(i), is in J'. 

5. For every n-ary predicate P in the language of XP, the formula 
Vzi , . . . x n {P(x 1 , . . . , x n ) = P k (x 1 , . . . , x n )) is in T. 

6. No other formulae are in I 1 . 

Example 11 (Example 10 contd.). We give the reduction, P = (U,T,S,£), of the ex- 
tended temporal problem XP from Example 10. The universal, step and eventuality 
parts of P' are the same as of XP. The initial part, X, consists of the following formulae 

3x3yP°(x, y), 
VxVy(P°(x,y) ^ R°(x)), 
VxVy(P 1 (x,y)^R 1 (x)), 
VxVy(P 2 (x,y)^R 2 (x)), 
Vx(R°(x) R^x)), 
VxiR^x) R 2 (x)), 
VxVy(P (x,y)^P 2 (x,y)), 
VxVy(P(x,y)=P 2 (x,y)), 
\/x(R(x) =R 2 {x)). 

Theorem 5 (Reduction of Extended Problems). XP is satisfiable if, and only if, P is 
satisfiable. 

Proof We prove that given a model for XP it is possible to find a model for P' and 
vice versa. The transformation of models is depicted in Fig. 2. 
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First, consider a model 97t — (D, I) for XP and construct a model 97t' = {D, I') as 
follows. The interpretation of constants in the language of XP in 971' is the same as in 
971 (recall that constants are rigid). 

For every n-ary predicate P in the language of XP (in the initial signature), every 
n-tuple (d\, . . . , d n ) G D, and every i > 0, we define 

0Jl' i \=P(d u ...,d n ) iff m+k\=P(di,...,d n ). 

For every n-ary predicate P l , < i < k, in the extension of the initial language (that 
is, in the language of P' but not in the language of XP) we define 

m' Q \=p i (d 1 ,...,d n ) iff m HP(rfi,..,4), 

and P % is false in 971' for all other tuples and moments of time 9 . This definition is 
consistent with formulae from part 5 of X'; therefore 971' is defined correctly. 

Since truth values of all predicates from P are not changed but "shifted", clearly, 
971' |= U and 97t' |= S. Since all our eventualities are unconditional, that is, are of the 
form DO? and □ \/x<)L{x), the truth value of L(x) in the first k + 1 states of 971 does 
not affect the truth value of £' in 97t'; so 97t' |= £'. The fact that 971' |= X' can be 
established by considering step by step the definition of X'. Indeed: 

1. Let a formula [0]° be in J', where <fi £ I. Then 97tg |= [4>]° because for every 
predicates P and P°, 

Tl \=P(d 1 ,...,d n ) iff Wt' \=P°{d 1 ,...,d n ) 

holds and 97t |= <j). 

2. Let a formula [<f)] % , < i < k, be in X', where (f> G U. Then 97?q |= [<f>] 1 because for 
all predicates P and P\ 

£W i |=P(di,...,d n ) iff m' \=P i (d 1 ,...,d n ) 

holds and 971^ |= <f>. 

3. Let TV \= P'idx, . . . , d n ), < i < k. Then 97t t |= P(d u . . . , d n ), and because 
of P(x) => OQ(x) e S, we have 97L,+i |= Q{d u d n ). It follows M' Q \= 
Q i+1 (d u ...,d n ). 

4. Let ip e X, that is, 97l |= ip. For every subformula O i P(d 1 , d n ) of ip, 97l h 
O l P(d!, ...,d n ) holds if, and only if, 971^ |= P l (d u d n ). So, VR' \= ip'. 

5. In accordance with the definition of 971', 971q |= P(d\, . . . , d n ) if, and only if, 
97l fe h^i,---,rfr l )if,andonlyif,97l( ) \= P k (d u . . . ,d n ). 

Let 97T' be a model for P'. We construct a model 97t for XP. The interpretation of 
constants in the language of XP in 971 is the same as in 971'. For every n-ary predicate 
P in the language of XP and every n-tuple (d\ , . . . , d n ) € D we define for every i > k 

m i ^p{d 1 ,...,d n ) iff 9R' i _ k ^p(d 1 ,...,d n ), 

9 Note that all new predicates occur only in T ' . 
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and for every i such that < i < k 

VJl i \=P(d 1 ,...,d n ) iff \= P i (di, ■ ■ ■ ,d n ). 

Note that Wl' \= X' and, in particular, formulae from part 5 of X'\ therefore, 971 is 
defined correctly. Indeed, in the case i — fc we obtain 

m' \=p(d u ...,d n ) iff wi' ^P k (d u ...,d n ). 

Evidently, for i > k, Tli \= U and 971; |= S. Again, since our eventualities are uncondi- 
tional, evaluation of £ does not depend on a finite number of initial states, and 9UI |= 
It is enough to show that OJli \= U and Wl t \= S for i E [0, (fc - 1)], and 97t \= 1. 
Again, this can be done by analysing the definition of I' . 

The first claim, 971^ |= U, follows from item 2 of the definition of I 1 , from the relation 

mi\=p(d u ...,d n ) iff m' ^ p\d 1 ,...,d n ) 

and the fact that Wl' Q |= [^]* for every <p G U, < i < k. 

The second claim, 97li \= S, follows from item 3 of the definition of T and from the 
relation 

m i \=p(d 1 ,...,d n ) iff m' \=p i (d 1 ,...,d n ). 

The last claim, 97lo |= I, follows immediately from item 1 of the definition of T' and 
from the relation 

m Q \=p(d u ...,d n ) iff <m' \=p°(d u ...,d n ) 

given above. □ 

7 Grounding Temporal Problems 

In this section we adapt the core temporal resolution calculus given in Section 4 to a 
variation of monodic FOTL where sub-parts of the temporal problem are grounded. 
Not only does this characterise an important class of formulae, but this variation admits 
simplified clausal resolution techniques (in particular, simplified DSNF). 

Definition 15 (Groundedness). A temporal problem P is called grounded if all the 

step clauses and the eventuality clauses of P are ground. Correspondingly, a tempo- 
ral monodic formula is called grounded if it can be translated to a grounded temporal 
problem. A temporal problem P is called a ground eventuality problem if all the even- 
tualities of P are ground. A temporal problem P is called a ground next-time problem 
if all the step clauses of P are ground. 

If P is a ground eventuality problem then only the ground versions of the eventuality 
resolution and eventuality termination rules are needed. 

Theorem 6 (Reducing a Ground Eventuality Problem). Every ground eventual- 
ity monodic temporal problem can be reduced to a satisfiability equivalent grounded 
monodic problem with an exponential growth in size of the given problem. 
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Proof Note that the ground eventuality resolution rule, step resolution rule, and ini- 
tial termination rule operate on merged derived step clauses. So, if instead of original 
step clauses we consider step clauses given by formulae (7), (6), and (5) (and strictly 
speaking, rename by propositions closed first-order formulae in the right- and left-hand 
sides), we obtain a satisfiability equivalent grounded temporal problem. □ 

Example 12. Consider an unsatisfiable formula 

03x(P(x) A O->P(a0) A \J(P(x) =>• OP(x)). 

In DSNF we have (note that 1 is empty throughout), 



P(x) 
Q(x) 



OP(x) 
O-P(x) 



U = 9, 

£ = {()3x(P(x) A Q(x))}. 



According to our reduction, this problem is satisfiability equivalent to the following 

W = 0, 

3xP(x) 03xP(x) 
VxP(x) OVxP(x) 
3xQ(x) => 03x^P(x) 
\/xQ(x) => OVx^P(x) 
3x(P(x) A Q(x)) 03x(P(x) A ->P{x)) 
Vx(P(x) V Q(x)) OVx(P(x) V ->P(x)) 
£ = {03x(P(x) AQ(x))}. 

The last step clause is a tautology which can be eliminated immediately, the next to last 
can be moved to the universal part by an application of step resolution. . 



U = {\/x(^P(x) 

' 3XP(X) : 

\/xP(x) - 
3xQ(x) - 
t \/xQ{x) 



S = < 



v-g(x))}, 

> 03xP(x) 
» OVxP(x) 
4> 03x^P(x) 
» OVx^P(x) 



£ = {()3x(P(x) A Q(x))}. 
Now the ground eventuality termination rule can be applied. 



□ 



Together with Theorem 6 the following theorem shows that for any problem P, if either 
all the step clauses are ground or all the eventuality clauses are ground, then it can be 
reduced to a grounded problem. 

Theorem 7 (Reducing a Ground Next-time Problem). 

Let P — (J, U, S, £) be a temporal problem such that all step rules of P are ground. Let 
£ 3 be obtained from £ as follows: every eventuality clause of the form ()L{x) (in the 
meaning ofVx()L(x) ) is replaced with its ground consequence 3x()L(x) ( equivalent to 
()3xL(x)). Let P = (I,U,S,£ 3 U {(}L(c) | <)L{x) e £, c G const (P)}>. Then Pis 
satisfiable if and only if P is satisfiable. 
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Proof (Sketch) Evidently, if P' is unsatisfiable, then P is unsatisfiable. Suppose now P 
is unsatisfiable, then there exists a successfully terminating temporal resolution deriva- 
tion from P c . Note that the added eventualities of the form ()L{c) exactly correspond 
to the eventualities added by reduction to constant-flooded form. 

Suppose the eventuality resolution rule is applied to a non-ground eventuality 
\/x()L(x). The validity of the side conditions implies the validity of the formula 

n 

□v*(w a \j Ai => o n->L(x)) (io) 

for a set {Ai => OBi, 1 < i <} of ground merged derived step rules. (10) is re- 

n 

solved with the formula \Z\ix()L(x) giving the conclusion ( f\ ~^Ai). However (10) 

i=l 

or, equivalent to (10), 

n 

□ (W A \J A => O \JVx^L(x)) (11) 

3=1 

can be resolved with a "weaker" formula \Z\3x()L(x) giving the same result. 

If the eventuality termination rule is applied to \/x()L(x), its side condition, U \= 
Vx-iL(x), equally contradicts to the ground eventuality 3x§L(x). So, we can conclude 
that replacing non-ground eventualities of the form Mx()L(x) with ground eventualities 
3x()L(x) (equivalent to ()3xL(x)) does not affect (un)satisfiability. □ 

Example 13. 

I={1}, U = {Vx{l => Q(x))}, 

S = {l=>Ol}, £ = {()^Q(x)}. 

Evidently, the initial, universal, and step parts imply □VxQ(x) which also contradicts 

to □Vx0-'<3(x) and □3ar<>-'<9(a;). □ 

8 Decidability by Temporal Resolution 

Temporal resolution provides a decision procedure for a class of monodic temporal for- 
mulae provided that there exists a first-order decision procedure for side conditions of 
all inference rules. Direct examination of the side conditions shows that we are inter- 
ested in the satisfiability of the conjunction of the (current) universal part and sets of 
monadic formulae built from predicate symbols which occur in the temporal part. At 
the same time, the current universal part of a derivation is obtained by extending the 
initially given universal part by monadic formulae from the conclusions of the infer- 
ence rules. So, after imposing appropriate restrictions on the form of the universal part 
of a given temporal problem, we can guarantee its decidability (the addition of monadic 
formulae usually does not affect decidability). 

To reflect our "rename and unwind" transformation to the normal form, we define 
decidable fragments in terms of surrogates [18]. Let us reserve for every formula <f>, 
whose main connective is a temporal operator, a unary predicate P<j,{x), and for every 
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sentence ip, whose main connective is a temporal operator, a propositional variable p^. 
P$(x) and are called surrogates. Given a monodic temporal formula 0, we denote 
by 4> the formula that results from <j> by replacing all of its subformulae whose main 
connective is a temporal operator and which is not within a scope of another temporal 
operator with their surrogates. 

Such an approach allows us to define decidable monodic classes based on the prop- 
erties of surrogates analogously to the classical first-order decision problem [2]. Note 
however, that it is necessary to take into consideration occurrences of temporal opera- 
tors as the following example shows. 

Example 14. The first-order formula 3xVyVz3u<I>(x, y, z, u), where ^ is quantifier 
free, belongs to the classical decidable fragment 3*V 2 3*. Let us consider the tempo- 
ral formula 3x □0VyVz3u^(a;, y, z, u) with the same <P. It is not hard to see that after 
the translation into DSNF (see Example 1), the first formula from U does not belong to 
3*V 2 3* any more. (Formally, it belongs to the undecidable Suranyi class V 3 3.) □ 

The following definition takes into account the considerations above. 

Definition 16 (Temporalisation by Renaming). Let €be a class of first-order formu- 
lae. Let 4> be a monodic temporal formula in Negation Normal Form ( that is, the only 
boolean connectives are conjunction, disjunction and negation, and negations are only 
applied to atoms). We say that <j) belongs to the class T ren € if 

1. (j) belongs to € and 

2. for every subformula of the form Tip, where T is a temporal operator ( or of the 
form ipiTfa if T is binary), either ip is a closed formula belonging to £ or the 
formula Vx(P(x) => ip), where P is a new unary predicate symbol, belongs to £ 
(analogous conditions for ipi, tp2). 

Note that the formulae indicated in the first and second items of the definition exactly 
match the shape of the formulae contributing to U when we reduce a temporal for- 
mula to the normal form by renaming the complex expressions and replacing temporal 
operators by their fixpoint definitions. 

Theorem 8 (Decidability by Temporal Resolution). Let € be a decidable class of 
first-order formulae which does not contain equality and functional symbols, but possi- 
bly contains constants, such that 

- € is closed under conjunction; 

- €. contains monadic formulae. 

Then T ren <t is decidable. 

Proof After reduction to DSNF, all formulae from U belong to £. The (monadic) for- 
mulae from side conditions and the (monadic) formulae generated by temporal resolu- 
tion rules belong to £. Theorem 3gives the decision procedure. □ 

Theorem 8 provides the possibility of using temporal resolution to confirm decidabil- 
ity of all temporal monodic classes listed in [18,32]: monadic, two-variable, fluted, 
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guarded and loosely guarded. Moreover, combining the constructions from [17] and 
the saturation-based decision procedure for the guarded fragment with equality [16], it 
is possible to build a temporal resolution decision procedure for the monodic guarded 
and loosely guarded fragments with equality [5]. 

In addition, using the above theorem, we also obtain decidability of some monodic 
prefix-like classes. 

Corollary 1 (% en 3*M 2 3*, temporalised Godel class). The class T ren 3*\/ 2 3* is de- 

cidable 

Proof Every monadic formula can be reduced, in a satisfiability equivalence preserv- 
ing way, to a conjunction of formulae of the form Vx(ZiV- • -VZ P V Li(x)V ■ ■ -\/L q (x)), 
Pi <1 > or 3x(Li(x) A • • • A L r {x)), r > 0, where lj are ground literals and Lj(x) 
are non-ground literals. Obviously, every conjunct is in 3*V 2 3*. Satisfiability of a con- 
junction of formulae belonging to 3*V 2 3* is decidable, e.g. by the resolution-based 
technique (see clause set class S + in [9]). □ 

Corollary 2 (T ren K, temporalised Maslov class). The class T ren K is decidable 
(where K is the Maslov class). 

Proof Again, monadic formulae can be rewritten as a conjunction of Maslov formulae; 
satisfiability of a conjunction of Maslov formulae is decidable as shown in [21]. □ 

9 Loop Search Algorithm 

The notion of a full merged step clause given in Section 5 is quite involved and the 
search for appropriate merging of simpler clauses is computationally hard. Finding sets 
of such full merged clauses needed for the temporal resolution rule is even more dif- 
ficult. In Fig. 3 we present a search algorithm that finds a loop formula (cf. page 10) 
— a disjunction of the left-hand sides of full merged step clauses that together with an 
eventuality literal form the premises for the temporal resolution rule. The algorithm is 
based on Dixon's loop search algorithm for the propositional case [8]. For simplicity, in 
what follows we consider non-ground eventualities only. The algorithm and the proof 
of its properties for the ground case can be obtained by considering merged derived step 
clauses instead of the general case and by deleting the parameter "x" and quantifiers. 
We are going to show now that the algorithm terminates (Lemma 8), its output is a loop 
formula (lemmas 9 and 10), and temporal resolution is complete if we consider only the 
loops generated by the algorithm (Theorem 9). 

Lemma 7. The formulae Hi(x), i > 0, constructed by the BFS algorithm, satisfy the 
following property: \fx(Hi + i(x) Hi(x)). 

Proof By induction. In the base case i = 0, we have Hq(x) = true and, obvi- 
ously, \/x(Hi(x) => true). The induction hypothesis is that Vx(i?j(x) => iJj_i(x)). 
In the induction step, let Ni + i ^ (otherwise, Hi + \(x) = false and, evidently, 
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Input A temporal problem P and an eventuality clause ()L(x) £ £. 
Output A formula H(x) with at most one free variable. 
Method:l. Let H (x) = true; N = 0; i = 0. 

2. Let N t+1 = {Vx(Af +1) (x) =>■ 08j' +1) (i))} 3 i 1 be the set of all full merged 

step clauses such that for every j £ {1 . . . k}, \/x(U A Bj l+1 \x) => (-<L(x) A 
Hi(x))) holds. (The set N i+ \ possibly includes the degenerate clause true => 
Otrue in the case U \= Vx(-<L(x) A Hi(x)).) 

k 

3. IfiV i+ i = 0, return false; else let H i+1 (x) = V (Af +1) (x)). 

2 = 1 

4. UVx(Hi(x) => ff i+ i(a;)) return ff i+ i(a;). 

5. i = i + 1; goto 2. 



Fig. 3. Breadth First Search algorithm. 

Vx(false => if;(x)) holds). Let JV i+1 = {Vx(„4$ i+1) (a;) => OBf +1) {x))} k J=1 . For ev- 
ery j £ {1 . . . fc} wehaveVx(£>j I+1 '(a;) => (->L(x)Aifj(x))). By the induction hypoth- 
esis, Vx(Hi(x) =>fli_i(a;)) and, therefore, Va;(^ 4+1) (x) => (^L(x)AiJ 4 _i (x))), that 
is, iV i+ i C ATj. It follows that Vx(H i+1 (x) => Hi{x)). □ 

Lemma 8. 77ze algorithm terminates. 

Proof There are only finitely many different flj(x). Therefore, either there exists 
fc such that -fffe(x) = false and the algorithm terminates by step 3, or there exist 
l,m : I < m such that Vx(iJ;(x) = H m {x)). In the latter case, by Lemma 7, we have 
Vx(if m _i(x) => Hi{x)), that is Vx(F TO _i(x) => H m {x)). By step 4, the algorithm 
terminates. □ 

Lemma 9. Lef if (x) foe a formula produced by the BFS algorithm. Then Vx(U A 
if(x) => O n-ii(x)). 

Proof If i?(x) = false, the lemma holds. Otherwise, consider the last computed set 
N l+1 (that is, H{x) = H i+1 (x)). Let N l+1 = {Vx(^ <+1) (x) => OB? +1) (aO)}* =1 . 
Note that for all j e {1 . . . fc}, it holds Vx(W A #j <+1) (x) => -.L(x)) and, since 
Vx(Hi(x) => i? i+ i(x)), we also have Va;(W A Sj i+1) (x) => if i+ i(x)), that is, iV l+ i is 
a loop and H i+ i(x) is its loop formula. □ 

Lemma 10. Let P be a monodic temporal problem, C be a loop in §L(x) <G £, and 
L(x) be its loop formula. Then for the formula H{x), produced by the BFS algorithm 
on 0L(x), the following holds: Vx(L(x) => H(x)). 

Proof We show by induction that for all sets of full merged step clauses iVj+i, con- 
structed by the algorithm, C C A^ + i. In the base case i = 0, Hq(x) = true and 
for every full merged step clause \/x{A{x) => B{x)) e C, we have Mx(U A B{x) => 
(->L(x) A true)); therefore, C C Ni. 
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Our induction hypothesis is that £ C N it that is, Ni = £ U N-. Then Hi(x) = 
L(x) V H-(x). Let Vx(.A(x) £>(x)) be any full merged step clause from £. By 
the definition of a loop, Vx(U A B(x) => {->L{x) A L(x))), hence, Vx(U A B(x) => 
{(-^L(x)A'L(x))V{-nL(x)AH' i (x)))),thatis,yx(UAB{x) (->L(x)AHi(x))). Since 
the set iV i+ i consists of all full merged step clauses, Mx{A^ +1 \x) => OSj* +1 ^(x)), 

suchthatVx(ZMSj i+1) (x) (->L(x) AH,(x))) holds, we have Vx(A(x) => B{x)) e 
iVj + i. As Vx(A(x) => S(x)) is an arbitrary full merged step clause from £, it means 
that£ c N i+1 . 

It follows that Vx(L(x) => H(x)). □ 

The proof of the completeness theorem goes by showing that there exists an even- 
tuality <)L(x) e £ and a loop £ = {Vx(Ai(x) OB»(ar))}f =1 such that the 
application of the eventuality resolution rule to ()L(x) and £ leads to the deletion 
of some vertices from the eventuality graph. A vertex C is deleted from the graph 
if the categorical formula, Tc, together with the universal part, U, is satisfiable, but 
J~c A Vx-> Vj=i A] (x) A U is unsatisfiable. 

Theorem 9 (Relative Completness). Temporal resolution is complete if we restrict 
ourselves to loops found by the BFS algorithm. 

Proof Let H(x) be the output of the BFS algorithm, let L(x) d = V*U Aj{x). By 
Lemma 10, Vx(L(x) =>■ H(xj) holds; therefore, H(x) is not false. From the proof of 
Lemma 9 it follows that the last computed set N i+ i (that is, H(x) = H i+1 (x)) is a 
loop in 0L(x) and H(x) is its loop formula. Since Vx(L(x) =>■ H{x)), the formula 
Tc A Vx-iH(x) A U is unsatisfiable as well and the application of the eventuality res- 
olution rule to 0L(x) and N i+ i leads to deletion of at least the same vertices from the 
eventuality graph. □ 

Note 4. The need to include all full merged step clauses satisfying some particular 
conditions into A^ + i might lead to quite extensive computations. Note however that 
due to the trivial fact that if Vx(A(x) => B{x)) then Vx((A(x) V B(x)) = B{x)), we 
can restrict the choice to only those full merged step clauses whose left-hand sides do 
not imply the left-hand side of any other clause in Ni+i yielding a formula H' i+1 (x) 
equivalent to the original formula (x). 

Example 15. Let us consider an unsatisfiable monodic temporal problem, P, given by 



and apply the BFS algorithm to ()L(x). 

The set of all full merged step clauses, N\, whose right-hand sides imply -ii(x), is: 



1 = {3xA(x)}, 

U = {ix{B{x) A(x) A -<L(x))} 
S = {A(x) OB{x)}, 
£ = {0L(x)} 



(VyA(y))=s-0(Vyfl(y)), 
(A(x) A\/yA{y)) 0(B(x) A VyB(y)), 
(A(x) A 3yA(y)) =► 0(B(x) A 3yB(y)). 



(12) 
(13) 
(14) 
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Note that Vx(VyA(y) A(x) AVyA(y)) and Vx(A(x) AVyA(y)) => A(x)A3yA(y)); 
therefore, clauses (12) and (13) can be deleted from N\ yielding 

N[ = {(A(x)A3yA(y))^0(B(x)A3yB(y))} and H[(x) = (A(x)A3yA(y)). 

The set of all full merged step clauses N 2 whose right-hand sides imply L(x) A 
H[(x) coincides with N\ and the output of the algorithm is H' 2 (x) = H[ (x). The con- 
clusion of the eventuality resolution rule, Vx->A(x) V -ByA(y), simplified to Vx->A(x), 
contradicts the initial part of the problem. 

Note that all full merged step clauses from N\ are loops in ()L(x), but both con- 
clusions of the eventuality resolution rule, applied to the loops (12) and (13), can be 
simplified to 3x^A(x) which does not contradict the initial part. 

10 Semantics with expanding domains 

So far, we have been considering temporal formulae interpreted over models with 
the constant domain assumption. In this section we consider another important case, 
namely models that have expanding domains. Although it is known that satisfiability 
over expanding domains can be reduced to satisfiability over constant domains [31], 
we here provide a procedure that can be applied directly to expanding domain prob- 
lems. Our interest in such problems is partly motivated by the fact that the expanding 
domain assumption leads to a simpler calculus, more amenable to practical implemen- 
tation [22], and partly by the correspondence between expanding domain problems and 
important applications, such as spatio-temporal logics [33, 15] and temporal descrip- 
tion logics [1]. In addition, the way we refine the calculus of Section 4 to the expanding 
domain case constitutes, we believe, an elegant and significant simplification. 

We begin by presenting the expanding domain semantics and proceed to give the give 
the resolution calculus for the expanding domain case. 

Under expanding domain semantics, formulae of FOTL are interpreted in first-order 
temporal structures of the form Wl = (D n ,I n ), n G N, where every D n is a non-empty 
set such that whenever n < m, D n C D m , and /„ is an interpretation of predicate 
and constant symbols over D n . Again, we require that the interpretation of constants 
is rigid. A (variable) assignment a is a function from the set of individual variables to 
U„ eN D„; the set of all assignments is denoted by 23. 

For every moment of time n, the corresponding first-order structure, 0Jt n = 
(D n ,I n ); the corresponding set of variable assignments 2J„ is a subset of the set of 
all assignments, 5J„ = {o 6 5J a(x) E D n for every variable x}; clearly, 2J„ C 2J m 
if n < m. 

Then, the truth relation Wl n \= a in a structure 9JI is defined inductively in the 
same way as in the constant domain case, but only for those assignments a that satisfy 
the condition a £ 5J„. 

Example 16. The formula VxP(x) A D(VxP(x) OVxP(x)) A ()3y^P(y) is 
unsatisfiable over both expanding and constant domains; the formula MxP(x) A 
□ (Vx(P(x) =>■ OP(x))) A ()3y-*P(y) is unsatisfiable over constant domains but 
has a model with an expanding domain. 
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It can be seen that our earlier reduction to DSNF holds for the expanding domain case 
(the only difficulty is Lemma 1 where, in defining waitforL(d), we must consider cases 
where Tlk \= DO-P(d) or |= D _, -P(rf) where k is the moment when d "ap- 
pears"). 

The calculus itself coincides with the calculus given in Section 4; the only difference 
occurs in the merging operation. As Example 16 shows, the derived step clause (5) is 
not a logical consequence of (4) in the expanding domain case. Surprisingly, if we 
omit derived step clauses of this form, we not only obtain a correct calculus, but also a 
complete calculus for the expanding domain case! 

Definition 17 (Derived Step Clauses: Expanding Domains). Let P be a monadic 
temporal problem, and let 

PiAx) => OM h (x),...,P ik (x) => OM ik {x) 

be a subset of the set of its original non-ground step clauses. Then 

3a;(P il (x) A • • • A P ik (x)) => 03x(M il (x) A • • • A M lk (x)), 
P t] {c)^OM t] {c) 

are e-derived step clauses, where c is a constant occurring in P. 

The notions of a merged derived and full step clause as well as the calculus itself are 
exactly the same as in Section 4. 

Correctness of this calculus is again straightforward. As for completeness, we have 
to slightly modify the proof of Section 5. 

The proof of Theorem 3 relies on the theorem on existence of a model, Theorem 4, 
and it can be seen that if we prove an analog of Theorem 4 for the expanding domain 
case, the given proof of completeness holds for the this case. 

We outline here how to modify the proof of Theorem 4 for the case of expanding 
domains. All the definitions and properties from Section 5 are transfered here with the 
following exceptions. 

Now, the universally quantified part does not contribute either to A or B. 

A c = A IxA^x) A A B A A A p[c) {c), 

~ t er cec 
B c = A 3xB 1 (x)AB e A A B p(c) {c). 

ter cec 

This change affects the suitability of predicate colours. 

Lemma 11 (Analogue of Lemma 3). Let H be the behaviour graph for the problem 
P = (W, X, S, £) with an edge from a vertex C = (T, 8, p) to a vertex C — (T', 6*', p'). 
Then 

1. for every 7 £ _T there exists a 7 ' £ r' such that the pair (7, 7 ') is suitable; 

3. the pair of propositional colours (9, 9') is suitable; 

4. the pair of constant distributions (p, p') is suitable. 
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Note that the missing condition 2. of Lemma 3 does not hold in the expanding do- 
main case. However, under the conditions of Lemma 11, if 7' = p'(c), for some 
c e const(P), there always exists a 7 e r such that the pair (7, 7') is suitable. 

Since for a predicate colour 7 there may not exist a colour 7' such that the pair 
(7', 7) is suitable, the notion of a run is reformulated. 

Definition 18 (Run). Let tt be a path through a behaviour graph H of a temporal 
problem P. By a run in it we mean a function r(n) mapping its domain, dom(r) = 
{n G N I n > n } for some n € N, to U ig]N ^ such that for every n £ dom{r), 
r(n) E r n , r(n) the pair (r(n), r(n + 1)) is suitable. 

Finally, the proof of Lemma 5 is modified as follows. 

Proof [of Lemma 5 for the expanding domain case] We construct a path, ir, through 
the behaviour graph, H, satisfying properties (a), (b), and (d) in exactly the same way 
as in the proof for constant domains. The only difference is in the way how we prove 
condition (c). We assume the denotation from that proof. So, let C = n(i) and 7 e Tq. 

Let C = n(i) and 7 e r c . Then there exists 7" e C n such that (C, 7) ->+ (C n , 7 "). 
Since for every 7" e C n there exists 7"' e ci 7s "' Lfe ' 1 such that all eventuali- 
ties are satisfied on the run-segment from 7" to 7"' and there exists 7^ e C n , 
(Ci 7s " ,ifc) ,7"') ^+ (C„,7^), then there is an e-run, r, such that r(i) = 7, i.e., 
property (c) holds 10 . □ 

This contributes to the following theorem. 

Theorem 10 (Correctness and Completness of Temporal Resolution for the Ex- 
panding Domain Case). The rules of temporal resolution preserve satisfiability. Let an 
arbitrary monodic temporal problem P be unsatisfiable over expanding domain. Then 
there exists a successfully terminating derivation by temporal resolution from P^. 

11 Conclusions 

In this paper, we have modified and extended the clausal temporal resolution technique 
in order to enable its use in monodic FOTL. We have developed a specific normal form 
for FOTL and have provided a complete resolution calculus for formulae in this form. 
The use of this technique has provided us with increased understanding of the monodic 
fragment, allowing definitions of new decidable monodic classes, simplification of ex- 
isting monodic classes by reductions, and completeness of clausal temporal resolution 
in the case of monodic logics with expanding domains. 

However, not only is this approach useful in examining and extending the monodic 
fragment, but it is being used as the basis for a practical proof technique for certain 
monodic classes [22]. Refining and analyzing this implementation forms part of our 
future work, as does the application of this technique to a range of areas, including 
program verification, temporal description logics, agent theories and spatio-temporal 
logics. 



We do not assume any more that the e-run starts at Co- 
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